mirror/zig
1
0
Fork 0
mirror of https://github.com/ziglang/zig.git synced 2025-12-06 06:13:07 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add std.crypto.hash.sha3.{KT128,KT256} - RFC 9861. (#25593)

Browse Source 
KT128 and KT256 are fast, secure cryptographic hash functions based on Keccak (SHA-3).

They can be seen as the modern version of SHA-3, and evolution of SHAKE, with better performance.

After the SHA-3 competition, the Keccak team proposed these variants in 2016, and the constructions underwent 8 years of public scrutiny before being standardized in October 2025 as RFC 9861.

They uses a tree-hashing mode on top of TurboSHAKE, providing both high security and excellent performance, especially on large inputs.

They support arbitrary-length output and optional customization strings.

Hashing of very large inputs can be done using multiple threads, for high throughput.

KT128 provides 128-bit security strength, equivalent to AES-128 and SHAKE128, which is sufficient for virtually all applications.

KT256 provides 256-bit security strength, equivalent to SHA-512. For virtually all applications, KT128 is enough (equivalent to SHA-256 or BLAKE3).

For small inputs, TurboSHAKE128 and TurboSHAKE256 (which KT128 and KT256 are based on) can be used instead as they have less overhead.
This commit is contained in:
Frank Denis 2025-11-01 15:03:43 +01:00 committed by GitHub
parent 4e943fc847
commit 95c76b1b4a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 1844 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
lib/std/crypto/benchmark.zig
View File

@ -37,6 +37,7 @@ const hashes = [_]Crypto{
const parallel_hashes = [_]Crypto{
Crypto{ .ty = crypto.hash.Blake3, .name = "blake3-parallel" },
Crypto{ .ty = crypto.hash.sha3.KT128, .name = "kt128-parallel" },
};
const block_size: usize = 8 * 8192;

1834
lib/std/crypto/kangarootwelve.zig Normal file
View File

File diff suppressed because it is too large Load Diff

9
lib/std/crypto/sha3.zig
View File

@ -4,6 +4,8 @@ const assert = std.debug.assert;
const math = std.math;
const mem = std.mem;
const kangarootwelve = @import("kangarootwelve.zig");
const KeccakState = std.crypto.core.keccak.State;
pub const Sha3_224 = Keccak(1600, 224, 0x06, 24);
@ -26,6 +28,9 @@ pub const KMac256 = KMac(256);
pub const TupleHash128 = TupleHash(128);
pub const TupleHash256 = TupleHash(256);
pub const KT128 = kangarootwelve.KT128;
pub const KT256 = kangarootwelve.KT256;
/// TurboSHAKE128 is a XOF (a secure hash function with a variable output length), with a 128 bit security level.
/// It is based on the same permutation as SHA3 and SHAKE128, but which much higher performance.
/// The delimiter is 0x1f by default, but can be changed for context-separation.
@ -481,6 +486,10 @@ pub const NistLengthEncoding = enum {
const htest = @import("test.zig");
test {
_ = kangarootwelve;
}
test "sha3-224 single" {
try htest.assertEqualHash(Sha3_224, "6b4e03423667dbb73b6e15454f0eb1abd4597f9a1b078e3f5b5a6bc7", "");
try htest.assertEqualHash(Sha3_224, "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf", "abc");